Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

icypyr0 writes "Computer programmer Jim March and activist Bev Harris have filed suit in California state court against Diebold under a whistle-blowing statue. This is another in a seriesofblows dealt to the ailing company.
March and Harris allege that Diebold 'used uncertified hardware and software, and modems that may have allowed election results to be published online before polls closed.' They are seeking full reimbursement for all of the voting machines purchased in California. March and Harris could collect up to 30% of the reimbursement, under the whistle-blower statute.
In an interesting turn, the two are requesting that the state of California join the lawsuit. State officials have spent millions on the paperless touch screen machines; Alameda County has spent at least $11 million alone."

The concept is classic in the computer software industry... sales sells a vaporware product that hasn't been built yet, and then the R&D people have to take shortcuts in order to get a product shipped by the date it was promised.

Governments don't take well to such practices. When dealing with a state government, you must cross every t and dot every i in the system. Any bugs, flaws or failures is simply delivering a product that wasn't to spec.

Diebold appears to have their hands caught in the cookie jar here. They've already been caught installing a "patch" on machines that were supposed to be "sealed" and in their final ready-for-voting state. Bev Harris has been the collector in chief of all of Diebold's other mistakes that they've tried to cover up... seeing what they have ready to present at trial should be fun.

Long story short: I was at a company that sold vaporware. When we bitched about the stupid deadlines and what the fuck were the salesguys and upper management thinking, we were told that, "If we don't do it, someone else will and make the sale."

I've always wondered. Wouldn't word get around? I mean, it's nice to be able to say "we'll write your program in half the time and a quarter of the money as your competitors", but when it's two years past the due date and you've blown past your budget far enough to fund a small country, I'd think the guy who hired you wouldn't be happy.

And so presumably you could start accumulating data on this - "Company X charges 73% of the national average and exceeds their budget by 593% on average" - and it'd make it

The concept is classic in the computer software industry... sales sells a vaporware product that hasn't been built yet, and then the R&D people have to take shortcuts in order to get a product shipped by the date it was promised.

The problem here is deeper than that. The simple truth is that voting software is a relativly simple project. EVEN with VB (which is what Dibold is using for their software), it would be simple to build a secure system. The fact is, they don't have the expertise to do so with any tool.

Voting machines need to be certified, basically this means someone needs to inspect it and make sure it works correctly, is tamper-resistant, etc. hardware and software is certified together. but Diebold treated their software like many IT products. release what you have and patch, patch, patch. Unfortunately, in the case of election this meant uncertified software (and allegedly uncertified modems as well) was used. Diebold could have put anything in that code.

Of course, whoever did the certification job on the Diebold certainly wasn't doing their jobs very well.

A good model for EVM would actually be the Navada Gaming commission for slot machines and the like. Software updates need to digitally signed and encrypted by both the company, and the commission. Running slot machines without approved software is illegal.

I agree that the model used by the Nevada Gaming Commision would be perfect. Additionally, the Gaming Commission will from time to time, do random audits of machines to make sure that they're up to snuff, and there's big fines for those that don't meet the requirements.

Of course, there's a lot of money to be made or lost, and that's why they're so anal about it. Given that there's apparently discussion of suspending the November elections in the event of a terrorist attack, hey, what's this voting thing, and why is it so important?;)

I thought you were joking until I looked it up. The Independent [independent.co.uk] has an article.

Anyway, if they wanted to make voting machines more like slots, why not put a seal on them over the screws, floppy, CD, USB, network ports. etc from the time they're certified until after the election? Tampering subject to criminal penalty. They can do it on every gas pump and supermarket scale, why not on voting machines?

Like I said, with the other things, there's money involved. If the gas pump or scale are tampered with, that's measurable losses (or gains) for the tamperer, or tamperee (probably not a word, but hey, the context makes sense).

Maybe the problem here is that there doesn't seem to be any measurable effect to the voting machines not being secure (well, you and I know that there is, but maybe the mass public doesn't). I get the feeling that until there's something that costs a lot of people something (maybe money), people won't really care about how secure the voting machines are.

Voter apathy is at an all-time high right now, nobody cares about voting. Because of that, I suspect that most people, even if they hear of this, figure, "Well, I'm not voting, why do I care?"

I can't get games.slashdot.org here because URLs with 'game' are blocked by my employer. If I cut 'games.' out of the URL I can view the content - the subdomain just decides the colour scheme/design of the page, I think.

Chop 'yro.' off - you should get the same story in standard slashdot green:)

Here's a snippet from CNN [cnn.com]. Their quote is, 'In August, O'Dell said in a fund-raising letter for the Ohio Republican Party that he was "committed to helping Ohio deliver its electoral votes" to Bush.'

I'm sorry I don't have a paper copy to hand to you; ironically this is one of the issues that we are discussing on this thread.

Here's instructions for the future if you need information.1. Type "www.google.com" in the location bar of your browser (you might refer to it as "that fancy web thing I've done been hearing so much about").2. Press the "enter" key. This submits the "location" you typed in to the "web".3. When the "web page" appears, type in the words "diebold deliver ohio" in the little rectangular box.4. Once, again, you need to press the "enter" key.5. A list of "web pages" appears. Click on one of them using the "left button" of your "mouse". Try and choose a respectable source like "FOX News" or "Monster Truck Week".

It's not about paranoia. It's about an administration that has been promoting a fascist agenda, ie moving away from civil liberties and towards a tyrany, (check out the patriot act, and the current homeland security mandates for industry--official USCG regulations as examples) in bed with Diebold, who happens to (1) support Bush with political donations and public pronouncements (look how much Diebold execs have contributed to Bush and that somewhat famous quote about Diebold being ready to deliver the ele

The Bush administration and the GOP dominatedCongress were very quick to earmark $6 Billionfor eVoting upgrades, after the "hanging chad"problems in the 2000 elections. The push to"use it, or lose it" for this money meant arush to adopt some very badly implimentedsolutions from corporate friends of the Bushadministration.

So now that the word is out about these crappyeVoting machines (WITH NO PAPER AUDIT TRAIL),and the Bush administration is now "floatingtrial balloons" in the press about DELAYINGthe November national elections. As well aspreparing the public to EXPECT terrorist actssimilar to the Madrid train bombings that wouldbe designed to disrupt these elections.

Doesn't anyone else besides me see a conspiracytheory in the making? Like: if the GOP feelsthat they will not win the November electionsusing the SOP of FUD, that there WILL be somemajor terrorist attacks here AND there WILL bea delay in the national elections.

Governments don't take well to such practices. When dealing with a state government, you must cross every t and dot every i in the system. Any bugs, flaws or failures is simply delivering a product that wasn't to spec.

Seems like many of the reports so far have shown great support for Diebold at the local and state level. Time and time again, state officials have brushed off complaints and critisms. Even in California, this went on for quite a while. Withness the condition in Florida. The issue is being pressed not be gov't officials, but by grassroots citizen's groups, the ALCU and other non-governmental groups.

Looks who's filing the lawsuit. The plaintifs are Jim March and Bev Harris... activists, not gov't officials. In fact, the lawsuit has been sealed for at least 7 months while the government tried to decide if they wanted to join the plaintifs.

The state of California has STILL not decided if they want to join the plainfits in this lawsuit. That's hardly needing to cross every t and dot event i in the system. It's more a case of needing to hide problems well enough from activists. It's clear the election officials are apathetic and would rather keep any problems swept under the rug than admit they were cheated, purchased shoddy products, and failed to detect accuracy problems.

Whether this goes anywhere or not, Diebold's abuses are finally going to the mainstream. The number one weapon that people have on their side to affect a change in an unfair system is information, and this information hitting major news outlets with some degree of regularity is happening just in time to ensure that this nonsense DIES.

Remember, when your friends ask what this is all about, you have everything from blackboxvoting.com to the damning Diebold memos themselves to point to as evidence of the abuse and incompetence plaguing such a vital issue.

Bev Harris isn't just an activist, she's is the whistleblower from within Diebold. She exposed an internal Diebold document that was nothing short than "How to manipulate the results" manual. She is giving a speech tomorrow in Austin, TX where activists are trying to compel the TX Governor to mandate that all these electronic voting machines have some sort of verifyable paper trail at the voting site, by the voter.

The problem here is the only body with the ability to fix this mess across the entire nation before the November election is Congress and they've already refused. So you are stuck tryng to fix it state by state.

There is a bill with more than a hundred sponsers that would require a paper trail in November but it is being sat on by the same people who wrote HAVA which is the bill that started this mess in the first place.

Here [house.gov] is the statement from the bipartisan representatives and senators that have bottled it up in committee.

It contains some disturbing statements, this one in particular:

"Most importantly, the proposals requiring a voter-verified paper record would force voters with disabilities to go back to using ballots that provide neither privacy nor independence, thereby subverting a hallmark of the HAVA legislation. There must be voter confidence in the accuracy of an electronic tally. However, the current proposals would do nothing to ensure greater trust in vote tabulations"

Not sure how they can claim a recountable paper trail, "would do nothing to ensure greater trust in vote tabulations".

They also want the same agency that is apparently responsible for the current mess to sit on the problem and do nothing in time for this election:

"Questions regarding voting systems security, as well as many others, need to be examined by the entity responsible for doing so under existing law, the Election Assistance Commission, before Congress begins imposing new requirements, just months before the 2004 presidential and congressional elections, that have not been fully considered. The security of voting technology is a non-partisan issue. We encourage you to allow HAVA to be implemented as enacted and provide those who are charged with ensuring the security of voting systems the time and flexibility needed to get the job done effectively. "

As if this whole situation wasn't disturbing enough this same commission is exploring give the Bush administration, and Homeland Security power [washingtonpost.com] to postpone the election in the event of a terrorist attack, especially if it looks like Bush might lose in its wake the same way the Spanish government did, if it becomes apparent he may not have made America safer.

Somebody save e-voting... before it's too late. Looks like Florida is going to be in a worse position than in 2000. I know I keep saying this, but someone should create a good Internet voting mechanism, and keep it anonymous yet feasible. I'd like to be sure my vote was counted, and the only way to really do that is by the old fashioned SQL count() function.:-)

At least then I'd know that my vote is my say. Nowadays, you're either black, hispanic, poor, criminal, or you look like these groups so you're unable to vote. It's a crying shame, and in all its flaws, Moore's Fahrenheit 9/11 actually does demonstrate the problems with the 2000 election quite intricately.

Why? What is the benefit? Ultimately, you have to have a certain level of trust. Current paper methods reduce the necessary level of trust -- because independent (and non-independent) observers are watching what happens for me.

Frankly, what happened in Florida was not good, but let's face it, when elections get that close, you may as well toss a coin! When things like weather could affect a result, is the accuracy of the count that important?

What is really important, though, is to prevent any person, organization or company getting into a position whereby they can systematically skew the results of multiple elections.

Until someone comes up with an electronic voting scheme that guarantees that no one can fix an election then we should forget about electronic voting and stick with paper.

Even if you consider the problems in Florida to be more of an issue than I do, they don't require electronic voting to fix them -- let's look for simpler, more foolproof solutions.

It is at least as safe, if not safer, than paper-and-pencil voting. As society continues to move towards staring at computer displays 24/7 electronic voting becomes an inevitability out of inertia, so it may as well be done right.

A paper trail can be tampered with. You just need to make your own voting slips, number say 100 votes with the candidate you want and replace a random selection of votes in a ballot box with the illegitimate votes.

The idea of "just need to" modify the operating system, keystroke logger and voting software - open source software in a heavily monitored environment - is ridiculous. This system is not perfect but the level of conspiracy needed to tamper with the voting system would be in the same ballpark as p

Computer voting has the potential to become more reliable, but I don't think we are going to see it from Diebold.

There has always been some element of trust in the elections. We've all seen the T-Shirt "I'm from Chicago, Two ballots please." but at this point I still think that paper ballots are more reliable. If you put the paper ballots in a lock box, and the lock box is opened under the supervision of all sides involved in the election as well as the media, then it becomes a lot more difficult to defraud an election.

(Although changing voting locations at the last minute, putting up National Guard roadblocks, and disqualifing thousands of people who happen to have the same first and last name as convicted felons in other states are potential abuses in this scenario. But computer voting wouldn't fix those problems either.)

Even if we did have a verifiable open-source voting system I still think it would be a good idea to have paper ballots. What would be best is after you vote, the machine prints out a paper ballot that is both machine and human readable. The voter can then examine their ballot and confirm all their choices are correct, and place it in the lock box.

When the elections are over you tally both the electronic voting machines and the paper ballots, and if there is a significant difference you know at least one of the numbers is wrong. Since the methods involved in defrauding an election via paper balots and computers are different, I imagine it would be very difficult to make the results come out the same.

Now, ultimately, I think that an open-source voting solution that uses both encryption and digital signatures would be best. Peer review can confirm that the system is nih impossible to rig. The average person won't understand this, but then the average person is not involved in the old fashioned voting sytem anyway.

Oh, interesting story I heard a few years ago about paper ballots on talk radio. Someone was at the place where the machine reads the ballots. The caller said that he suggest they test the reliability of the machine by taking a stack of ballots, and running them through the machine twice and seeing if the results come out the same both times.

I forget if they actually did it and there were different results, and the voting people didn't like him, or if they just didn't like him without even trying. Some people just don't like you to question them, and it seems the bigger their responsibility, the less they like to be questioned.

Unless I get a paper certificate that I can verify for myself, and that counts as "my vote" in cases where a recount is called for, I am not interested in switching to a new technology.

There are plenty of tricks that can be played unless the voter can verify a hard copy ballot themselves. In nearly all cases these ballots wouldn't be used, but they would allow for recounts of suspicious votes. Keystroke logs are a nice touch. Unless, of course, the keystroke logger is tampered with. hard copy receipts, on the other hand, can be verified on the spot by the voter, and are much more difficult to modify successfully after the fact.

I don't see how that CD-ROM system leaves the secret ballot intact. If you watch the polls and see that Fred is the 37th voter that day, then examining the 37th vote on the CD-ROM tells you how Fred voted, right? With paper ballots, the ballots all get shuffled before being counted.

More to the point, how does the voter know that the data written to the CD-ROM is the same as how he actually voted? I can show you a computer and a printout of a GPL program, and claim that the GPL program is what's actually running on the computer, but how do you verify that?

Exactly. Electronic voting as a "solution" in search of a problem. It just isn't needed. And, since thee is no audit trail with the top commercial systems, it is not appropriate for voting at this time.

Actually, I see a great opertunity for a company that wants to do it right. Learn from Dibold's STUPID mistakes, clean up!

"someone should create a good Internet voting mechanism, and keep it anonymous yet feasible"

Someone's creating a good eVoting mechanism, the Open Voting Consortium. Go to http://www.openvotingconsortium.org and help out!

I'll also point out that internet voting is fundamentally insecure, but any vulnerability can be exploited infinitely. When voting takes place in polling stations (i.e. offline and under observation), the poll workers can limit the damage of any vulnerability, because they can see who comes in, control who goes into voting stations, for how long, and can stop anyone doing anything too obvious (e.g. unscrewing the voting stations and modifying their internals, for example). Also, internet voting makes any a reliable audit impossible, because there's no voter verified physical record of a vote.

Hear hear. And might I add, we should all be grateful for those people who give up their valuable time to man the voting stations. I don't know about the US, but here in Canada they work largely on a volunteer basis, to ensure that democracy functions as it should. My sincerest thanks goes out to them.

You are under the mistaken assumption that a good Internet voting mechanism is possible and a good idea.

Right now, it probably isn't. Would you want your average PC to be controlling your life support system, where if it dies, you do? The wrong guy in the white house could unleash a nuclear holocaust upon us all; is that any less important?

Really, I'm not sure that it's worth it to do electronic voting anyways. A properly designed machine-assisted paper voting system (big ballots in your choice of languages, mark-sense sense system with no chad, etc) is pretty economical and reasonably hard to mess with -- especially because its functioning and potential for fraud is easier to perceive.

I don't understand the problem with normal mechanical voting machines. The ones we use in CT aren't difficult at all. What's the point in using computers for voting when there's a mechanical method that works as well already, without the worry of malicious software and the need for an additional paper trail?

I mean.... It's like, what are you going to do when you're trying to vote and the power goes out?

What they should be doing is making sure the voting machines are NEVER able to remotely connect to anything. Once voting is done for the night election officials should have to PHYSICALY connect or transfer votes from the machines to a device that sends the tally to the central counting.

Once a voting machine is "certified" it should be LOCKED, taped, and completely inaccesible to remote or phyical tampering.

What they should be doing is making sure the voting machines are NEVER able to remotely connect to anything. Once voting is done for the night election officials should have to PHYSICALY connect or transfer votes from the machines to a device that sends the tally to the central counting.

Of course, that would let the election admin tamper with the card at his leisure while delivering it to the sending device. If you don't think the machine can be made tamper proof, then I don't see why you think the card

because if the state joins in, the state will pay for and handle the case, and the two who started it won't have to do much. If this happens, they'll only get 20% by the way. They'll get 30% if they handle the case themselves and win though...

I prefer Approval Voting. [approvalvoting.org] Thats where you vote for as many of the people available as you wish.

It is simpler for the average person to understand, and would be easier to implement, and does not have the flaws that the more complicated voting methods have. (At least as far as I know. I've been meaning to do a mathematical proof that it is best. Has anyone out there already done that?)

Also, voting methods are determined by the state. I don't even think it is part of the State Constitution but either laws

Catching Diebold's products actually being in violation of the law may be a technical matter that might result in lawyers talking for days, but should that burden ever be meant, the penalty is huge, especially in California.

Diebold promised their equipment would be up to spec. If it's found that it's not, then that's just plain simple basic fraud. In CA, the whistleblower law we're talking about makes the company have to refund 100% of the money the state gave it, and 30% goes to the citizens who started the case. More or less, Diebold will have lost all of the revenue it got from CA, plus all of the losses incured due to the fact that they already tried to deliver a product that they now aren't getting paid for...

This is the kind of thing that sends a company pretty close to bankruptcy... good thing Diebold has its ATM product line to fall back on.

Part of the reason why there was such a big deal over the counting of the Florida votes last year was because Florida's electoral votes were enough to give either candidate the victory in the overall election.

In many past presidential elections, isolated incidents of corruption or other flaws weren't as important because the overall result was a clear landside for one candidate or the other. Even if the irregularities in a state got so bad it tipped their electoral votes in the wrong candidate's direction, that state worth of votes usually isn't enough to tip the entire national election.

This year, with the nation split so tightly, and last time's close call fresh in everybody's mind, the tolerance for such flaws is going to be lower than it's ever been. The smallest election scandal is going to get magnified now.

One thing I think people fail to realize is that voting is not exact. If we recounted the vote last election, the number would have changed every single time. The two were so close that statistically, they were tied. Voting is not exact and there is always error. This is the reason why when there was a recount I didn't really care what the outcome was. Sure, I wanted my canidate to win, but the simple fact of the matter was that the two tied and all that was left to do was to play according to the rules of the game to decide who won the tie breaker. Who won the tie breaker had little to do with who actually had more votes.

My biggest concern with voting is that the occasional ballot will be lost or miscounted. This will happen, and so long as it is random it probably is not going to have much of an effect. The real concern is that someone can break into these machines and really mess up the numbers they spit out. A few hanging chads here and there don't mean anything and are just an excuse to keep recounting until one guy likes the result. Someone maliciously changing votes with one of these e-machines on the other hand can cause some serious damage.

Personally, I would rather they simply stick to simple paper ballots. True, they get miscounted, but a few random miscounts are a small price to pay prevent real election fraud. People need to keep things in perspective. The real fear is not that every vote isn't counted. The real fear is that votes are counted that are faked. Our goal should be to eliminate voting fraud and work towards reducing voting miscount, but never at the expense of making fraud easier.

No they don't, if you aren't in one of the most populous state, your vote isn't worth shit. It's like a contest where California, Texas, and New York count, and Florida is the tie breaker. If they need another tie breaker, that's Illinois and they work their way down the list. Due to the winner takes all nature of most states, little states (all but the top 10) don't count. States with a clear majority aren't compaigned in. It's a bite being in a populous state and not be worth an ad compaign.

dealt to the ailing company.
Diebold as a company isn't ailing, it's doing pretty well from what I gather making ATMs...Diebold as an electronic voting manufacturer is ailing. In fact, it's so bad that some people in the company have suggested dropping it altogether because it is making the company look bad. But they persist, which may even bring further question to Diebold's CEO's political motives...

The problem is that ATMs are a device used by the banking industry, and that's an industry that is based on trust. More or less, if customers start telling their banks that they feel funny trusting a machine marked "Diebold" because they got tied up in an election-rigging scandal... they're dead.

Heh, the funny thing is, even though most people probably just toss their receipts, I don't think anyone would really trust an ATM without them. Ironically, Diebold who is so deftly opposed to a paper trail for voting, has a paper trail on every one of their ATMs, amazing.

Unfortunately, that's not true. I bank with Provident [provbank.com] Bank of Maryland, which is extends through Maryland and some of Pennsylvania. Last year I sent a packet with printouts of a dozen articles about Diebold ATMs, voting machines, and other funny business. I provided the material in PDF form on a CD, and included a letter about how I didn't trust Provident ATMs since they use Diebold. I sent it certified mail to their customer service department, and I heard nothing. A year later, and not even a form letter in reply. They just don't care.

The banks audit the shit out of the ATMs. The bank wants the ATM to dispense the amount someone asks for, no more no less, all the time. The bank wants that ATM to accurately fetch and send customer and transaction information, all the time. The bank wants the ATM to dispense money ONLY for the customer to whom it belongs.

Well, if Diebold made it where there was an override code ot just come and steal money, the bank would find out in a big hurry (there'd be a discrepancy between physical audits and transaction longs, and camera tapes to see who did what). If Diebold made ATMs that screwed customers for fun, the bank would be pissed (since the customer and secret service would be pissed). Basically, it is in the bank's financial intrest to make sure the ATMs work like they are supposed to and are well audited, so they do.

This isn't to say they never fuck up, everything fucks up. However the bank watches for that and corrects it. The idea is these things need to be accurate and reliable almost all the time (and they are) so customers trust and use them.

Now that you don't trust them because of the name on them, doesn't really matter to the bank. The bank knows how well they do or do not work, and presumably they are happy.

The difference is all in oversight. The banks police their machines for accuracy since the must do so to remain in bussiness. Those involved in the voting process do not necessairly do likewise since it can be to their advantage to rig an election.

When Diebold bought Global Elections Systems in...lesse, I *think* the sale was finalized in 2002 with partnerships/investments prior, I don't think the larger corp understood what a pack o' jackals they were dealing with.

I could be wrong mind you, but...

OK, here's a piece of evidence. Alameda County first bought their touchscreen voting system off of Global. They signed

We had the mess in Florida, but instead of identifying the real problem (plurality voting, where voting for two people ruins the ballot and a spoiler can throw the election to the overall loser) we instead looked at one of the symptoms (hanging chads, and whether or not a hole was completely punched through).

Want to fix the real problem? Use Approval voting or a ranked method like Condorcet. Overvotes don't hurt either methon (two "Approvals" or first place votes are easily counted), undervotes are tossed like normal, and a third party candidate won't throw the election to the guy at the other extreme of the political spectrum.

As it is, even if Diebold had an absolutely perfect system, Nader could still throw the election to Bush, overvotes would still be tossed out, and then you *add* the problem of having an untraceable vote that can't be recounted.

You forget that, really, any voting system is unfair and ends up ruining it for somebody. Well, that, and it would require a constitutional amendment to make it happen.

The real, easy, workable solution is a sanity check at vote-time. They do this out where I live. Once you fill out your large-print paper ballot, they put your ballot in the machine. The machine scans your ballot and lets you know if something's wrong. However, you still have real paper ballots that can be checked for accuracy to make sure that none of the machines have been tampered with.

Yes, but some argue that Arrow's requirements of a perfect system were excessively stringent.

Basically, Arrow took his intuitive ideas about how an ideal system would behave, codified them into well-defined requirements and then proved that they're mutually incompatible. Some argue, however, that one of his requirements was stated more strongly that is intuitively reasonable.

The criterion in question is the "Independence from Irrelevant Alternatives", which states that addding or removing non-winning candidates should not affect the winner. This seems like a good idea until you consider sufficiently complex situations, in which it becomes clear that there *is* no intuitive right answer and that it is, in fact, reasonable to expect that the introduction of other candidates into a deeply divided electorate may change the outcome, even if the introduced candidates don't win.

Some variants of the Condorcet system do satisfy a slightly relaxed form of Arrow's Independence from Irrelevant Alternatives criterion. If you're willing to accept the relaxation as "intuitive", then those variants are, indeed, perfect.

It's also worth noting that the circumstances under which these Condorcet variants fail to meet Arrow's original criterion would occur very, very infrequently in the real world. Even if someone doesn't want to accept the relaxed form of IIA, they still have to admit that, in practice, Condorcet is perfect very nearly all of the time.

The OpenVoting folks in the article complained about using the Whistle Blower/Money type lawsuit. But having read a lot of articles on Diebold and its "tactics" it seems like the only thing Diebold will listen to is an argument (court case) that affects its bottom line. That whole "follow the law and do it right" concept is lost on them. Maybe if Diebold has to cough up $100M or more they might consider doing it right. Either that or they'll pay off with vouchers for free voting machines!

... A system of government whereby the people get the rulers they deserve.

Seriously though, I'm generally an advocate of using IT to automate boring and repetitive tasks, but as far as elections are concerned I think it's a very bad idea. The outcome of the last US election was effected by the use of 'voting technology', and they (I'm not a US citizen, thank god) ended up having a president appointed by a panel of judges.

If elections are run in the more traditional way of putting an X in a box on a piece of paper and then having an army of people count the ballots then the whole process becomes transparent. Election fraud is made difficult by having many people involved in it's administration, the reverse is also true.

My tinfoil hat is beginning to itch, but if I wanted to rig an election using voting machines I'd like to leave myself an alibi. After all, one should never attribute to malice what can be adequately explained by incompetence. Think about it.

Although it was the supreme court that finally decided the 2000 election debacle, they did not 'appoint' a president. The current sitting president won the electoral colleges needed, fair and square.

What is truly wrong is the electoral college system. Parliamentary systems are far better in my opinion, and far more effective at executing the public will (except in those rare circumstances like Canada in 1992, where the PC's got the majority vote but only 2 seats in the house).

ended up having a president appointed by a panel of judges
This is a bald-faced "Urban Myth" go back and review the facts of the 2000 election and you'll find the Supreme Court in reality ended up being a non-factor in the outcome of the election.

you make some good points, but as the 2000 Presidential Election demonstrated, some of my countrymen can't figured out A.) how to make a X B.) How many X's to put on each line of the Ballot. In other words the simpler the user interface the more Americans will

This is a bald-faced "Urban Myth" go back and review the facts of the 2000 election and you'll find the Supreme Court in reality ended up being a non-factor in the outcome of the election.

Ummmm. Nope. Sorry. You're the one who is mistaken here.

The Supreme Court ordered that the recount be stopped [pitt.edu] (and, that is the ONLY recount, not "multiple recounts" as James Baker and the Republicans claimed over and over again during the press coverage of the 2000 election fiasco) and that the totals from the election

Gee, the freakin' Green Party of California decided that Bush didn't win the election legitimately? There's a reliable source I know I can trust because they have no political agenda. But I know you're wrong, because somebody from the John Birch society told me so.

Meanwhile, back in the real world, intelligent people recognize that the results of the election were within the margin of statistical error, and both candidates knew that, so both candidates were playing every political card they could to tr

The whole electronic voting setup in the U.S. is just begging to be exploited by the unscrupulous. All they have to do is "convince" the companies that make these machines to put code in them that will randomly change a vote here and a vote there, until the numbers favor whoever "paid" them off.

That's not hard for someone who is unscrupulous and is also already in power to do. Someone who is already in power can grant "favors" to the people in these companies that make decisions, whereas a challenger can only promise future favors. Considering how "business friendly" and "wealth friendly" the current administration has proven itself to be, a promise by said administration to grant favors would be taken very seriously. And since the government today basically answers only to the corporations (especially those that own the media), I think it's unlikely that such "payoffs" would get very much media attention. Furthermore, the administration is in control of a number of agencies that can "guarantee" that anyone at those companies who works on the software in question will not talk. If they try, they'll have an "accident".

Any system that can be exploited ultimately will be, and the more incentive there is to exploit the system the sooner it will happen. In the case of a voting system that is unauditable and easily manipulated, I think there is every reason to believe that it will be exploited in the upcoming election.

The only way to counter it is to make sure that the number of states using them is few enough that they cannot have a meaningful effect on the election.

But so far, only a few states have taken any action against electronic voting machines to my knowledge, and only California has banned their use outright (again, to my knowledge). That's not nearly enough to ensure that the upcoming election is truly fair.

That's why I think Bush will win the upcoming election no matter what the voters actually think -- the current administration is the most ruthless and underhanded I've heard of, and that kind of approach is all that's needed to exploit the obviously vulnerable electronic election system in the U.S.

Tinfoil hat stuff? You bet. But 20 years ago, anyone who suggested that software would be patentable in the future would have been dismissed as a conspiracy theory nutcase. But it happened. 30 years ago, anyone who suggested that the U.S. would pass a law like the USAPATRIOT act would have been laughed out of the room. But it passed anyway. Tinfoil hat stuff is hard to dismiss if it is internally consistent, agrees better with all the facts, and explains current events better than everything else. As is, I believe, the case here.

But what's the point of electronic voting anyway? Surely it shouldn't just be to speed up the voting process? I think, if we're going to do this, it should be to ensure that everyone's vote gets counted by reducing, as far as possible, the impediments, such as hanging chads or badly designed ballots, that prevent this. So, while I like the first part of your suggestion I don't see why we need the second at the polling place. Simply have the first machine fill in the appropriate checkbox on a paper ballot th

The reason to have a separation between the machine that prints the ballot and the one that counts the vote is this: to prevent the voting machine from printing a ballot that lists one candidate while secretly casting the vote to the other. Such an "error" would only be detected in a manual recount. If the ballot were made totally human-readable but easy to scan, then this weakness is, for the most part, cured.

Optical scanner picks up the cross/sign , spits them out for human check if there's something wrong. The scanner does the jobs of 2 pc (actually it is a slimmed down PC) by counting and collecting data. Less expensive then 2 machines.

Later, while the election results are announced electronically (so making any "realtime freak" happy god knows why) the paper votes are hand recounted just to make sure nobody tampe

The problem with this is that some voters are stupid and will attempt to cross out, erase or otherwise make their ballot a complete mess. This opens up their ballot to interpretation. However, if we use a touch-screen voting machine to print out a ballot we eliminate that possibility.... as an added bonus these machine can be made accessible to the blind and physically challenged.

Jim March broke the news last night over on The High Road [thehighroad.org]; I submitted the story last night, but was rejected. Anyhow, follow the link, and you can read Jim's commentary, and discuss the case with him (he's a senior member and very active participant over at THR). All sorts of little tidbits over there--the suit has been in the works since November, but a gag order was just lifted yesterday. Somebody else mentioned that the plaintiffs get a 30% bounty on the damages, or 20% if the state provides legal assistance (that should be 15%, not 20%, BTW). He also discusses the basis for the fraud suit, and the somewhat unique method (Qui Tam) they've chosen to fight Diebold; he likens it to the tax evasion case against Al Capone. Definitely a good, lively discussion over there; well worth a read.

Every once in a while, you see a story in a different light than just about everyone else.

Jim March is not the one to be leading something like this. He's a nut case, but those of you applauding his efforts won't realize this until the cameras hit him - should this case go far enough to warrant the attention.

Having worked with him during one of his contracting gigs, it's safe to say just about everyone he came in personal contact with did everything they could to avoid him from then on. He had a nice habi

First: I can't get Rachel Konrad at AP to STOP calling me a "programmer". I was a full-tilt sysadmin when I left the techie fields but have never claimed to be a programmer anywhere. Apparantly her editors don't want to waste the space to put in "system administrator/tech support" or something. And because it's all over, it keeps getting re-broadcast. I can't freakin' stop it, although as God is my witness I've tried.

Mechanical ballots like Florida's 2000 punch-card ballots are vulnerable to designs which make incorrect voting likely, and this can be engineered to favor a particular candidate.

All-Electronic ballots vulnerable to software and hardware errors.

All of the above are vulnerable to catastrophies like fire, tornado, and other extreme circumstances.

Our best bet is to combine the best of the available technologies:1) The actual ballot is a human-readable, voter-verified ballot that, barring corrupt poll workers and observers, cannot be easily tampered with after the vote is cast. This physical ballot will be counted on election night and used in any recounts.2) machines are used to assist the blind and other handicapped voters in casting their votes and verifying their ballots, and to make a "clean" ballot which can be read quickly with almost zero errors by a counting machine or human counter.3) machines keep a secondary count of vote totals so news media can have a good, unofficial, estimate of the actual vote totals within a short time after the polls close. Barring error, the unofficial count will match the official count exactly.

Oh, of course any machines used in voting or counting votes would be "open for inspection" - that is, the hardware design, manufacturing processes, source and object code, would be published information and open to scrutiny. The actual hardware and object code would be audited to make sure it matched the published specifications, and if not, the difference would be documented for all to see.

As machines aren't perfect, human poll workers, election judges, and observers will be allowed to observe all parts of the election process.

Diebald issued a stream of no less then 3 patches in 3 days to fix their flaming new counting software release. "This will seal the problems while the machines are sealed until SP2 is out" said a pointy haired spokeperson. "We're proactively seeking the achievement of market leadership by deploying retroactive patches to updated software. Nation trust us." he said in a stunning wordplay worth of Nostradamus fame.

Opposers of the Diebald software proposed an open-source alternative , but their open attitude apparently is preventing them from ideologically sealing anything. "Let me patch it realtime while you vote ! Hey watchout I'm patching here !! wait just another minute... " an unidentified supporter said ; a few seconds later an angry queueing sweating roaring mob introduced him to the concept of releasing by due date. No penguin was harmed in the process.

Another angry flash mob quickly assembled in streets chanting praises of the aging, but reliable paper and pen voting system.

By "scanner fed" I mean a contraption such that an optical scanner reads a document and, after all the barcodes are scanned, if they make sense, the physical document prodeeds to the fed device.

-- ALL Printers (etc) print on a "reasonably heavy" card stock.

-- The errata bin scanner, unlike all the other scanners, will not reject/return an unscannable document. The Errata box also has a slot for truly mangled debris sheets. This errata bin should score or deface the ballots so inserted (have a roller splash "void" over their face etc.)

-- There is no "network", wireless or otherwise, connecting the voting stations to anything.

How voting procedes:

1) before polls open the voting system is used to print-up a bunch of "blank" ballots that have psudo-random or sequenced or whatever "GUIDS" and the big black words "this side down" in several languages, and these printed blanks are set up in bins. Blank ballots are printed at (any of) the voting stations using an administrative key or there could be a dedicated blank printer.

2) The voter aproaches the human who checks the voters ID etc.

3) The voter the selects, at random, one of the"blank" ballots and takes it to a voting station.

4) The voter scan-and-shred(s) the "blank" ballot to start the touch-screen process.

5) The voter navigates the touch-screen process in the language of their choice.

6) When the voter selects "done voting" the card-stock printer prints a completed ballot with (JUST) the name-office or initiative-selection pairs (e.g. President: Bob, or Issue 167: NO) selected by the voter for the issues he wishes vote, the GUID from the "blank" original, an encoded barcode/dotcode splash containing all the votes in machine readable form, the GUID, the "voting station serial number", the "voting station voter-session sequence number" and a checksum.

7) The voter then leaves the voting station.

8) The voter visually reviews their ballot print-out.

9) The voter may then either proceed to the ballot box or back into any voting station to ammend their vote via a scan-and-shred operation.

9a) If the voter elects to change their vote, they return to any voting station and, do the scan-and-shred operation as in step 3, but the station has read the barcode/dotcode splash and brought up what it read from the splash as the reviewable and changable defaults. The voter carries on.

9b) If the voter elects to cast his ballot, he takes it to the ballot box, where it is scanned and the ballot is stored in the lock-box.

10) The voter is given an "I voted" sticker with an MD5 (etc) checksum of their ballot printed on it as produced/recorded by the ballot-box.

-- Any ballot that is cast into the ballot box should be scored (e.g. roller stamped) with a scanner-cookie barcode that would make the voter stations reject it so that somone couldn't just open the box with a key/pry-bar and take the ballots over to a voter station, and edit them.

-- The ballot box would reject scanning/honoring a duplicate GUID, preventing all sorts of tampering/stuffing schemes.

-- A successful post-casting edit attack would be revealed by the mismatch of the nubmer of ballots in the box (physically counted) compared to the number scanned by the box, so there is a check-and-balance.

-- Any ballot that cannot be scanned by any of this equipment because of dammage (dropped, stepped on, torn, etc) or when a voter decides that something is "queer" is scan-and-stored by (or just p

The 2000 election was supremely screwed up, particularly in Florida, because people were voting with some old-timey machines that made holes in paper ballots, which could then be counted by machine. Only sometimes the holes didn't punch all the way through, or sometimes the ballots themselves were a little bit confusing.

The ballots had to be recounted by hand in Florida, with the help of a lot of volunteers and quite a bit of state money in order to deal with these problems -- also that Florida state law (as in most other states) requires a manual recount in case of extremely close races.

So the solution from the Federal Government is the Help America Vote Act (HAVA) that says states need to have secure, accurate voting machines that meet stringent guidelines for security and accuracy (not to mention accessibility by the disabled). If these machines are electronic, so much the better.

Under HAVA, the Federal government will grant the states buckets of money ($861 million so far, and plenty more to come) to get their voting machines compliant.

Only there's a few problems. States don't yet know what being compliant means, because the standards and definitions are still being worked out by the Election Assistance Commission (eac.gov) and the National Institute of Standards and Technology (nist.gov).

The EAC has got as far as appointing a subcommittee, but they're not due to meet again until Jan 2005, at the earliest.

What you're left with is states looking for machines they THINK will be compliant with HAVA -- particularly with the Americans with Disabilities Act (ADA), which calls for private, unassisted voting by blind people -- meaning that the voting machines will have to have audio components that read a person's choices and, before casting a vote, read a person's selections.

Direct recording electronic (DRE) voting machines are very good in this regard -- they can be very easily customizable at the state level to work at the precinct (or school board district) level.

But the problems with DREs are well documented -- inaccurate counts, easy (relatively) to manipulate, hackable, etc. And without a hard-copy record, impossible to do a recount.

So the solution proposed by California Sec of State Kevin Shelly, among others, is to have DREs create a 'voter-verifiable paper audit trail' (his term). Which means that the electronic machines have to print a paper record of the ballot which is then kept securely for recount, if neccessary.

Now this begs a couple of questions.

If a jurisdiction uses these fancy new machines to record, tabulate, and transmit vote results electronically, but at the same time has to keep paper copies of the votes for recount, then the paper ballots will surely be subpeonaed after any vote that is reasonably close (say within 5 percent).

It is a given that the paper ballots are going to be counted anyway, especially considering the number of races (town, county, school district, congressional district, senate, etc.) that are 'close' in any given year.

What this means is that HAVA is asking states to trash existing, functional machines that produce machine-readible paper ballots, machines that originally cost maybe $300 each and are already paid for, and replace them with new machines that cost more than $1000 each, and produce ballots that will have to be counted by hand.

Another issue that the press has not yet gotten wind of is the large number of election officials who have retired, gone on early retirement, or changed jobs since 2000. An unprecendented number of chief election officers in counties and states across the country will be supervising their first general elections this November. A comforting thought.

The outgoing officials saw sense -- that there is a train wreck approaching. An awful lot of people will be voting on machines untested in an actual election environment, and those machines are by many measures inferior to the